Skip to content
← Back to blog

DDoS protection explained – how your server stays online

Published on 24 June 2026

A DDoS attack (Distributed Denial of Service) floods a server with requests from many sources until it is overwhelmed and legitimate users can no longer get through. Good DDoS protection filters out this malicious traffic before it reaches the server.

The attack layers (L3–L7)

  • L3/L4 (network/transport): volumetric floods such as UDP or SYN floods that clog the line.
  • L7 (application): more sophisticated attacks on web applications that mimic real requests.

Effective protection covers all layers – not just the volumetric ones.

How does mitigation work?

Traffic runs through a scrubbing network: malicious patterns are detected and dropped, clean traffic is let through. What matters is the filtering capacity – how large an attack can be absorbed without the protection itself becoming the bottleneck.

Our protection

All servers are protected by default via a global network with 200+ Tbps filtering capacity and 210+ PoPs (L3–L7) – documented to absorb a 6 Tbps attack without downtime. So your service stays reachable even under fire.

Learn more about our infrastructure on the data center page or get started with a vServer.